| 00:00:02 | * | marcus quit (Remote host closed the connection) |
| 00:00:45 | * | marcus joined #nim |
| 00:06:05 | * | tiorock joined #nim |
| 00:06:05 | * | rockcavera quit (Killed (copper.libera.chat (Nickname regained by services))) |
| 00:06:05 | * | tiorock is now known as rockcavera |
| 00:18:42 | * | thunder quit (Quit: Leaving) |
| 00:48:51 | * | xet7 joined #nim |
| 00:49:00 | * | xet7 quit (Remote host closed the connection) |
| 01:10:40 | * | Mister_Magister quit (Quit: bye) |
| 01:13:23 | * | Mister_Magister joined #nim |
| 02:12:57 | * | karolyi joined #nim |
| 02:21:12 | * | xet7 joined #nim |
| 02:24:04 | * | xet7 quit (Remote host closed the connection) |
| 03:08:17 | * | xet7 joined #nim |
| 03:09:33 | * | xet7 quit (Remote host closed the connection) |
| 03:11:00 | * | xet7 joined #nim |
| 03:11:37 | * | rockcavera quit (Remote host closed the connection) |
| 03:15:57 | * | xet7 quit (Remote host closed the connection) |
| 03:17:24 | * | xet7 joined #nim |
| 03:18:45 | * | xet7 quit (Remote host closed the connection) |
| 03:32:11 | * | Lord_Nightmare quit (Quit: ZNC - http://znc.in) |
| 03:34:47 | * | karolyi_ joined #nim |
| 03:35:20 | * | Lord_Nightmare joined #nim |
| 03:37:13 | * | karolyi quit (Ping timeout: 264 seconds) |
| 04:42:04 | * | SchweinDeBurg quit (Quit: WeeChat 4.8.0-dev) |
| 04:44:41 | * | SchweinDeBurg joined #nim |
| 06:16:35 | * | derpydoo quit (Ping timeout: 240 seconds) |
| 06:52:45 | * | derpydoo joined #nim |
| 08:34:29 | * | xtr00 quit (Ping timeout: 244 seconds) |
| 08:35:57 | * | hygo quit (Quit: WeeChat 4.7.1) |
| 08:38:49 | * | xtr00 joined #nim |
| 10:20:48 | * | _th3r00t quit (Max SendQ exceeded) |
| 10:24:04 | * | th3r00t joined #nim |
| 11:05:06 | * | beholders_eye joined #nim |
| 11:49:30 | FromDiscord | <nocturn9x> idk who made https://github.com/jangko/nim-noise but I love you |
| 11:49:41 | FromDiscord | <nocturn9x> amazing library, I integrated it in my project in like 30 seconds and it just works |
| 11:49:42 | FromDiscord | <nocturn9x> peak |
| 11:53:19 | * | beholders_eye quit (Ping timeout: 240 seconds) |
| 12:16:57 | FromDiscord | <tauruuuuuus> Same here, I fought a lot in the past in go for this kind of stuff, just works in nim with this lib |
| 12:17:06 | FromDiscord | <tauruuuuuus> Really neat |
| 12:19:41 | FromDiscord | <.tokyovigilante> In reply to @nnsee "let me look at": Fixed this out of interest, turns out MSVC doesn't have all the atomic functions mingw does, so there are a bunch of stubs/wrappers defined in stdatomic.nim for MSVC, and they were buggy, and compared a `uint64` and a `ptr uint64`, rather than two `uint64`s. |
| 12:28:11 | FromDiscord | <nnsee> fair enough |
| 12:28:18 | FromDiscord | <nnsee> and sorry for never getting back to you, i kind of forgot |
| 15:45:23 | * | disso-peach joined #nim |
| 15:56:17 | * | beholders_eye joined #nim |
| 16:15:43 | * | hygo joined #nim |
| 19:08:35 | * | disso-peach quit (Quit: Leaving) |
| 19:23:39 | * | przmk quit (Remote host closed the connection) |
| 19:30:12 | * | przmk joined #nim |
| 19:40:18 | * | xtr00 quit (Read error: Connection reset by peer) |
| 19:44:14 | * | xtr00 joined #nim |
| 20:04:54 | FromDiscord | <_.ralf> Hi guys I am new to nim, how do i get the ipv4 in nim? I asked chatgpt but it always gives error code. So explaining is ok but the code is full of errors. So please help me. Would be very greatful. |
| 20:21:46 | FromDiscord | <litlighilit> @_.ralf\: if u mean local ip\: `getHostByName(getHostName())`from std/nativesockets |
| 20:23:00 | FromDiscord | <litlighilit> @_.ralf\: if u mean local ip\: getHostByName(getHostName())↵from [std/nativesockets](https://nim-lang.org/docs/nativesockets.html#getHostname) |
| 20:24:31 | FromDiscord | <_.ralf> In reply to @litlighilit "<@961302919586656267>\: if u mean": thank you |
| 21:20:33 | * | derpydoo quit (Quit: derpydoo) |
| 21:24:27 | * | yeti quit (Quit: \\//_) |
| 21:25:24 | * | yeti joined #nim |
| 21:26:08 | * | rockcavera joined #nim |
| 22:01:34 | FromDiscord | <jessatehcrow> sent a long message, see https://pasty.ee/rBxpZgzO |
| 22:01:48 | FromDiscord | <jessatehcrow> (edit) "https://pasty.ee/yESmSbSI" => "https://pasty.ee/dIpNLRbZ" |
| 22:09:35 | FromDiscord | <Buckwheat> > "\>the users will be able to execute lua code on the server↵> The lua environments should also be able to interact with the database through bound functions↵> ↵this is a very concerning set of statements... |
| 22:10:21 | FromDiscord | <Buckwheat> especially without knowing the scope of said SQLite database |
| 22:18:36 | FromDiscord | <Buckwheat> especially without knowing the scope of said SQLite database or how you plan to even be implementing your Lua VM |
| 22:19:22 | FromDiscord | <jessatehcrow> well, the lua functions will call nim functions that'll then handle the actual database stuff↵It won't be direct sql statements |
| 22:19:23 | * | xtr00 quit (Read error: Connection reset by peer) |
| 22:20:16 | FromDiscord | <Buckwheat> even then, you still haven't defined the scope of the Lua itself |
| 22:20:16 | FromDiscord | <Buckwheat> and since you say server, to me that sounds like the users are executing code server-side |
| 22:20:17 | FromDiscord | <Buckwheat> that's... really dangerous, I hope you know |
| 22:20:19 | FromDiscord | <jessatehcrow> imagine↵`get_user()`↵would run a nim function that gets the username of the user who's executing that lua code, and then return that as a string |
| 22:20:47 | FromDiscord | <jessatehcrow> In reply to @Buckwheat "that's... really dangerous, I": I know, and have been researching into this for multiple days now |
| 22:21:14 | FromDiscord | <Buckwheat> a lot of the projects that do this sort of thing spend years developing sandboxed environments for stuff like this |
| 22:21:34 | FromDiscord | <Buckwheat> and even then, these are large teams of multiple developers, and even their solutions aren't perfect |
| 22:22:48 | FromDiscord | <Buckwheat> like don't get me wrong, the idea is cool... but you have to be realistic with yourself here, this is a monumental task to accomplish, not impossible but to do it in a safe manner is going to be an insane process |
| 22:23:55 | FromDiscord | <jessatehcrow> Yeah↵It'll take years, i am well aware |
| 22:24:17 | FromDiscord | <Buckwheat> maybe, try to instead give the illusion of code execution on client-side and use more... sanitized actions for client-server communication? |
| 22:24:25 | FromDiscord | <jessatehcrow> No |
| 22:24:59 | FromDiscord | <Buckwheat> ...why not? |
| 22:25:09 | FromDiscord | <Buckwheat> it's, probably a more maintainable and safe solution |
| 22:25:09 | FromDiscord | <jessatehcrow> Not the goal of the game |
| 22:25:56 | FromDiscord | <jessatehcrow> Are you going to keep shutting me down or are you going to give me some guides as where to begin with this? |
| 22:26:14 | * | xtr00 joined #nim |
| 22:26:43 | FromDiscord | <Buckwheat> not trying to shut you down... just telling you to maybe plot this a bit more because something about this just, does not seem kosher |
| 22:26:57 | FromDiscord | <jessatehcrow> Very well then |
| 22:27:36 | FromDiscord | <jessatehcrow> I'll figure it out some other way |
| 22:30:12 | FromDiscord | <litlighilit> i'm thinking what's the responsibility of lua vm here.↵(or u mean client manipulate in syntax of lua?) |
| 22:31:19 | FromDiscord | <Buckwheat> good question there too, I should've asked that |
| 22:31:26 | FromDiscord | <Buckwheat> I might've gotten too paranoid because the phrasing sounded like server-side execution |
| 22:32:20 | FromDiscord | <Buckwheat> client-side usage of Lua to kind of give that idea of database interaction would be a lot less dangerous for sure, easier to isolate |
| 22:32:20 | FromDiscord | <litlighilit> [Edit](https://discord.com/channels/371759389889003530/371759389889003532/1445180208402534552): i'm thinking what's the responsibility of lua vm here.(or u mean client gives order in syntax of lua?) |
| 22:34:11 | FromDiscord | <litlighilit> tho it's said "execute lua code on the server" |
| 22:35:03 | FromDiscord | <litlighilit> I see."with memory and cpu limits"meaningful. |
| 22:35:04 | FromDiscord | <Buckwheat> yeah, and that to me is such a glaring red flag, but again I might be getting too paranoid there |
| 22:35:11 | FromDiscord | <Buckwheat> just sounds ripe for abuse in my mind |
| 22:37:38 | FromDiscord | <aethrvmn> So like docker?↵(@jessatehcrow) |
| 22:44:52 | FromDiscord | <ieltan> Theres a plethora of solution for this problem: only expose the strictly necessary API users may use, run the code interpreters in container or vm, harden the binary with seccomp... It will take time but hardly "years" you should really not build a whole virtualization system by yourself but instead rely on existing tools and best practices |
| 22:46:14 | FromDiscord | <ieltan> I think Lua itself has a plethora of tunables for isolation and all at the language level... |
| 22:47:40 | FromDiscord | <jessatehcrow> Yes, thank you, this |
| 22:47:42 | FromDiscord | <ieltan> disabling I/O already goes a long way, and if you do need some I/O expose a function that takes care of it for the user |
| 22:47:53 | FromDiscord | <ieltan> And only expose that |
| 22:48:25 | FromDiscord | <ieltan> Validate your inputs too |
| 22:48:27 | FromDiscord | <jessatehcrow> Indeed↵Was intended on stripping essentially every single library↵except for maybe math |
| 22:51:26 | FromDiscord | <ieltan> It seems you know what you're doing, I advise seeking ressources online about this subject and how it's done in production though there may be stuff you need to take into account depending on the usecase |
| 22:52:14 | FromDiscord | <ieltan> I know there is also the "well don't execute code on the server duh, just make the client execute it" |
| 22:52:52 | FromDiscord | <ieltan> Which comes with it own sets of challenges and may not be what you need at all anyways |
| 22:53:50 | FromDiscord | <jessatehcrow> In reply to @ieltan "It seems you know": would you happen to have any examples i could look for?↵(Such as keywords as i don't know the exact terminology for what this would be called, or possibily pre-existing projects) |
| 22:54:45 | FromDiscord | <ieltan> I don't, sorry. Those are just things from the top of my mind. I could look for it and find more stuff but it's getting late for me right now |
| 22:55:13 | FromDiscord | <jessatehcrow> In reply to @ieltan "I know there is": While this would be the easiest solution, it's unfortunately a no-go, as i do need to maintain a server authorative system, which the client-side execution wouldn't be able to maintain |
| 22:56:04 | FromDiscord | <ieltan> Keywords though, you can look at Lua documentation, "sandboxing" "process isolation" |
| 22:56:29 | FromDiscord | <jessatehcrow> In reply to @ieltan "I don't, sorry. Those": That's fair!↵I'll do some more googling and such myself↵↵Thank you regardless though, much much appreciate your input ❤️ |
| 22:57:07 | FromDiscord | <ieltan> The most interesting thing is looking how to whitelist some api and features. Honestly just use perplexity and you'll will find something to start with |
| 22:57:31 | FromDiscord | <jessatehcrow> Process isolation is one i had overlooked, thanks |
| 22:57:51 | FromDiscord | <ieltan> In reply to @jessatehcrow "That's fair! I'll do": No problem |
| 22:58:29 | FromDiscord | <litlighilit> for this nim has helpful `effect system`\: https://nim-lang.org/docs/manual.html#effect-system-tag-trackinglike `{.forbids: [IO].}`↵(@ieltan) |
| 22:58:49 | FromDiscord | <jessatehcrow> In reply to @ieltan "The most interesting thing": This shouldn't be too much of an issue based on what i've found so far↵Main struggle for me currently is creating a system that does all of the above while maintaining decent concurrancy between all of them |
| 22:59:35 | FromDiscord | <ieltan> In reply to @litlighilit "for this nim has": Oof, it's legitimately been eons since I've last seen the effect system genuinely used |
| 23:00:26 | FromDiscord | <ieltan> It could work in Nim with the slight inconvenience thay most io in Nim isn't actually marked as IO with the effect system, you will have to fork the standard library and manually do it yourself |
| 23:00:45 | FromDiscord | <ieltan> (edit) "thay" => "that" | "with" => "within" |
| 23:01:52 | FromDiscord | <jessatehcrow> I don't think i'll have to disable IO at the nim level, as if i remember correctly, it shouldn't be too hard to remove that functionality from lua itself |
| 23:01:54 | FromDiscord | <litlighilit> iirc it does |
| 23:02:46 | FromDiscord | <litlighilit> like `proc flushFile(f: File) {.tags: [WriteIOEffect], raises: [], forbids: [].}` |
| 23:04:51 | FromDiscord | <Buckwheat> gonna second the API idea, maybe that could help with removing any potentially dangerous functions |
| 23:05:12 | FromDiscord | <ieltan> In any case Nim compiles to C and without all the isolation bells and whistles |
| 23:05:21 | FromDiscord | <ieltan> Compared to Lua, so... |
| 23:05:44 | FromDiscord | <ieltan> Let's just say One language is probably more prepared for this usecases than the other |
| 23:06:49 | FromDiscord | <Buckwheat> ah yeah... actually does C have a library for Lua VMs? |
| 23:07:09 | FromDiscord | <Buckwheat> I know there's the Ruby VM header for it |
| 23:08:27 | FromDiscord | <Buckwheat> ah there is `lua.h`, there might be a Nim binding to that, or if not, Futharking it is an option |
| 23:31:00 | * | xtr00 quit (Ping timeout: 244 seconds) |